From 9df3a9136c3a1c554ee97f63e57b499d353b8636 Mon Sep 17 00:00:00 2001
From: Connor Edwards <38229097+c-edw@users.noreply.github.com>
Date: Sun, 20 Jan 2019 14:03:30 +0000
Subject: Allocate minimum size necessary in pango text functions. (#3473)

* Allocate minimum size necessary in pango text functions.

* Handle malloc failure.
---
 common/pango.c | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

(limited to 'common')

diff --git a/common/pango.c b/common/pango.c
index db8413f7..7e164043 100644
--- a/common/pango.c
+++ b/common/pango.c
@@ -10,10 +10,6 @@
 #include "log.h"
 #include "stringop.h"
 
-#define MAX_CHARS 16384
-
-static const char overflow[] = "[buffer overflow]";
-
 size_t escape_markup_text(const char *src, char *dest) {
 	size_t length = 0;
 	if (dest) {
@@ -88,13 +84,19 @@ PangoLayout *get_pango_layout(cairo_t *cairo, const char *font,
 
 void get_text_size(cairo_t *cairo, const char *font, int *width, int *height,
 		int *baseline, double scale, bool markup, const char *fmt, ...) {
-	char buf[MAX_CHARS];
-
 	va_list args;
 	va_start(args, fmt);
-	if (vsnprintf(buf, sizeof(buf), fmt, args) >= MAX_CHARS) {
-		strcpy(&buf[sizeof(buf) - sizeof(overflow)], overflow);
+	// Add one since vsnprintf excludes null terminator.
+	int length = vsnprintf(NULL, 0, fmt, args) + 1;
+	va_end(args);
+
+	char *buf = malloc(length);
+	if (buf == NULL) {
+		wlr_log(WLR_ERROR, "Failed to allocate memory");
+		return;
 	}
+	va_start(args, fmt);
+	vsnprintf(buf, length, fmt, args);
 	va_end(args);
 
 	PangoLayout *layout = get_pango_layout(cairo, font, buf, scale, markup);
@@ -104,17 +106,24 @@ void get_text_size(cairo_t *cairo, const char *font, int *width, int *height,
 		*baseline = pango_layout_get_baseline(layout) / PANGO_SCALE;
 	}
 	g_object_unref(layout);
+	free(buf);
 }
 
 void pango_printf(cairo_t *cairo, const char *font,
 		double scale, bool markup, const char *fmt, ...) {
-	char buf[MAX_CHARS];
-
 	va_list args;
 	va_start(args, fmt);
-	if (vsnprintf(buf, sizeof(buf), fmt, args) >= MAX_CHARS) {
-		strcpy(&buf[sizeof(buf) - sizeof(overflow)], overflow);
+	// Add one since vsnprintf excludes null terminator.
+	int length = vsnprintf(NULL, 0, fmt, args) + 1;
+	va_end(args);
+
+	char *buf = malloc(length);
+	if (buf == NULL) {
+		wlr_log(WLR_ERROR, "Failed to allocate memory");
+		return;
 	}
+	va_start(args, fmt);
+	vsnprintf(buf, length, fmt, args);
 	va_end(args);
 
 	PangoLayout *layout = get_pango_layout(cairo, font, buf, scale, markup);
@@ -125,4 +134,5 @@ void pango_printf(cairo_t *cairo, const char *font,
 	pango_cairo_update_layout(cairo, layout);
 	pango_cairo_show_layout(cairo, layout);
 	g_object_unref(layout);
+	free(buf);
 }
-- 
cgit v1.2.3